19 Apr 2021

Recruiting for cyber security skills post Covid-19

Guest blog: Dom Harvey, Director at CWJobs as part of our #Cyber2021 Week

Read the original blog on CWJobs' website

Covid-19 led to an increase in people working from home, which meant more online transactions and a rise in malicious cyber attacks. According to a recent statistic shared by software company, Tessian, 47% of individuals fall for a phishing scam while working at home.

For many businesses in the UK, cyber skills have become crucial to protecting their assets and continuing their operations online. On CWJobs’ platform, ‘cyber security’ was the third top keyword search in January and February 2021, with a 16% month-on-month increase.

Cyber skills are in high demand right now and will continue to be as markets start to re-open. Companies, therefore, need to know what the market trends are, what to look for in cyber security candidates and how to bridge the skills gap.

A statistic released by the UK Government confirms that 43% of cyber security businesses that recruited in the past 3 years, say they had challenges because applicants lacked technical skills or knowledge.

To learn more about the cyber security capabilities in the UK, CWJobs spoke with Tom Chapman , Director of Iceberg, leading cyber security recruitment company that trusts CWJobs to source quality tech candidates with cyber security skills.

What is the state of the cyber security market now, and how do you think the demand for skilled candidates will change throughout 2021 and beyond?

It’s a great time to be starting your cyber security journey or looking at a potential career move. We’re seeing organisations being more proactive rather than reactive when it comes to making sure they have the right systems, controls, and personnel in place. The demand is always going to be high and for me, that’s because the security market is full of innovation. In today’s world, protecting data and assets is how organisations build trust with their customers.

CWJobs’ recent research revealed that 55% of workers outside the tech industry who are thinking of changing careers, would consider going into tech. Is entry-level talent and career changers the key to bridging the tech skills gap in cyber security?

As a business, we’ve seen more opportunities arise for internships (something the UK is lacking compared to our friends in the U.S.) but still not enough. Providing entry-level talent with the chance to be mentored is something the industry needs more of. In my opinion, there isn’t one answer to bridging the skills gap in cyber security, it’s going to take a combination of things, including, a diverse range of skill sets and talents. Non-technical security positions are just as important, which again, shows just how wide open a career in security can be.

CWJobs research into tech training has found that it is considered an important incentive for tech employees. Does this apply to cyber security candidates? What do they look for in a job role and are employers adapting to those needs?

Training and development are always going to be key in attracting and retaining talent, so I would agree this is a big driver. From the security talent we place, the opportunity to conduct research and gain new certifications is an important incentive. Also, the diversity in projects and internal mobility.

CWJobs’ report on UK tech hubs identified Manchester, Leeds, Bristol, Edinburgh and Birmingham as the leading cities. Would you say these are the areas that hire the most for cyber skills?

Before the pandemic I’d have said yes. However, in 2021 and beyond, I’d expect to see more remote positions become available. I’ve seen more adverts on TV, radio and social media than ever before - even local councils are getting bigger cyber budgets. So, I don’t think it’ll matter where you’re based - the cyber skills demand will continue to grow.

What initiatives can employers looking to hiring cyber security skills implement to attract more diverse candidates?

This is something the industry is working hard on, and still needs time to develop. I’d say that being aware of the language used in job adverts is crucial. It’s important to demonstrate inclusivity and to avoid words that are gender-specific, or show bias in any way.

What else do you think is important for employers to know when hiring cyber security talent?

Cyber security talent can be discouraged when they see a job description that’s a combination of 3 or 4 roles put together. Employers need to really understand what it is they need and then demonstrate to candidates how they’re investing in security, not just in the short-term but for the future as well.